Securing the Connected World: Rethinking IoT Security

Context

The Internet of Things (IoT) has exploded from consumer gadgets to critical infrastructure, linking sensors and controllers over Wi-Fi, cellular, Bluetooth, and 5G to cloud and edge systems. Each connection adds complexity and risk, and the resulting billions of endpoints form a massive attack surface.

Today, more than 27 billion IoT devices are deployed, and that number grows every year. Many experts project there will be more than 40 billion IoT devices by 2030 (Alshehhi1, 2024). Every device, from smart thermostats and wearable trackers to industrial controllers and medical machinery, represents a potential entry point for attackers. As these networks expand, so do their vulnerabilities. Global IoT ecosystems endure an average of 820,000 hacking attempts daily, a figure rising sharply as threat actors leverage automated scanning, credential attacks, and targeted malware campaigns (Alshehhi1, 2024).

Current Outlook

Organisations face several core security challenges in IoT environments. Reused or default credentials often provide attackers with easy entry points, enabling rapid and automated hacks across large fleets of devices (José, 2025b). Weak encryption and misconfigured protocols expose sensitive control signals to interception, which is particularly concerning in sectors where safety and reliability are paramount. Additionally, delayed patch cycles, especially for outdated or unsupported hardware, create lingering vulnerabilities that can’t be remedied with simple updates (José, 2025b). Historic incidents such as the Mirai botnet and Verkada “Super Admin” breaches are landmark case studies that illustrate why IoT security failures can have broad and devastating impacts.

In 2016, the Mirai malware started infecting internet-connected devices such as cameras, DVRs, and routers by exploiting their unchanged default usernames and passwords (Cloudflare, 2025). Once infected, these devices became part of a massive botnet, receiving instructions from a remote command and control server. Mirai’s creators unleashed unprecedented DDoS attacks, most notably flooding the DNS service provider Dyn, which disrupted access to major sites globally, including Twitter and Netflix (Cloudflare, 2025). After the initial attacks, the Mirai source code was released publicly, spawning numerous copycat variants that target new IoT vulnerabilities (Cloudflare, 2025).

The core lesson from Mirai: simple security lapses like default credentials, when multiplied across millions of devices, can become a weapon that takes down critical parts of the internet.

The Verkada breach in 2021 involved hackers gaining access to the company’s internal administrative tools using “super admin” credentials (Hollingworth, 2024). This elevated access exposed live feeds from over 150,000 internet-connected security cameras deployed in hospitals, schools, corporations, and even prisons (Hollingworth, 2024). The attackers could view, download, and in some cases control cameras, exposing sensitive environments and private moments at scale (Hollingworth, 2024). The breach spotlighted the risks of consolidated administrative privileges and weak access control in cloud-managed IoT, where a single compromised credential enabled sweeping surveillance and data exfiltration.

Current Controls

Organisations confront these IoT security challenges by implementing robust controls and adhering to internationally recognised standards and frameworks, such as those from ISO and NIST and Australia's Essential 8 (Khalil, 2025). These controls rest on the principle that all IoT devices must be treated as untrusted by default. This approach enforces the use of unique credentials per device to eliminate the risk of reused or default passwords, requires strong encryption protocols like mutual TLS (mTLS) to protect data both in transit and at rest, and mandates the revocation or disabling of insecure or unnecessary services that could become attack vectors (Khalil, 2025).

In parallel, vendors are compelled to adopt a secure-by-design philosophy throughout the manufacturing process (Beazley, 2024). This includes embedding identity enforcement mechanisms at the hardware level, deploying signed firmware updates to prevent tampering, maintaining transparent software bills of materials (SBOMs) to track components, and providing clear device deprovisioning paths (Beazley, 2024). Relying on reactive, after-market fixes is no longer sufficient to manage the high stakes of IoT security.

A critical operational control is the segmentation and continuous monitoring of all IoT devices within an organisation’s network (Cloudi-Fi, 2025). By isolating these devices on dedicated VLANs or software-defined networking (SDN) microsegments, organisations significantly reduce the attack surface and limit potential lateral movement (Cloudi-Fi, 2025). Coupled with automated firmware update orchestration and lifecycle management systems, this layered strategy strengthens overall resilience against emerging threats, ensuring IoT deployments remain more secure and manageable as their scale and complexity grow.
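As an added example (not taken from any of the cited sources), the following sketch audits a device inventory against the controls described in this section: unique credentials per device, mTLS, no insecure services, and placement on a dedicated IoT segment. The inventory records, the audit key, the placeholder default credentials, the insecure-service list and the VLAN numbers are all constructed assumptions.

```python
import hashlib
import hmac
from collections import defaultdict

# Constructed audit key; a real audit would load this from a secrets manager.
AUDIT_KEY = b"constructed-audit-key"
INSECURE_SERVICES = {"telnet", "ftp"}   # assumption: services banned by site policy
IOT_VLANS = {110, 120}                  # assumption: dedicated IoT segments


def fingerprint(credential: str) -> str:
    """Keyed fingerprint so credentials can be compared without being stored."""
    return hmac.new(AUDIT_KEY, credential.encode(), hashlib.sha256).hexdigest()


# Constructed placeholders standing in for a vendor's factory-default credentials.
DEFAULT_FPS = {fingerprint(c) for c in ("factory-default-1", "factory-default-2")}

# Constructed inventory records (hypothetical devices).
INVENTORY = [
    {"id": "cam-01", "cred_fp": fingerprint("factory-default-1"), "mtls": False, "services": ["telnet", "rtsp"], "vlan": 10},
    {"id": "cam-02", "cred_fp": fingerprint("Zq7-unique-a"), "mtls": True, "services": ["rtsp"], "vlan": 110},
    {"id": "plc-01", "cred_fp": fingerprint("shared-site-pw"), "mtls": True, "services": ["modbus"], "vlan": 120},
    {"id": "plc-02", "cred_fp": fingerprint("shared-site-pw"), "mtls": True, "services": ["modbus", "ftp"], "vlan": 120},
]


def audit(inventory):
    """Return {device_id: [issues]} for every device that violates a control."""
    by_fp = defaultdict(list)
    for dev in inventory:                       # first pass: group devices by credential
        by_fp[dev["cred_fp"]].append(dev["id"])
    findings = {}
    for dev in inventory:
        issues = []
        if dev["cred_fp"] in DEFAULT_FPS:
            issues.append("default-credential")
        if len(by_fp[dev["cred_fp"]]) > 1:      # same credential on several devices
            issues.append("reused-credential")
        if not dev["mtls"]:
            issues.append("no-mtls")
        issues += [f"insecure-service:{s}" for s in sorted(INSECURE_SERVICES & set(dev["services"]))]
        if dev["vlan"] not in IOT_VLANS:
            issues.append("not-segmented")
        if issues:
            findings[dev["id"]] = issues
    return findings


if __name__ == "__main__":
    for dev_id, issues in audit(INVENTORY).items():
        print(dev_id, ", ".join(issues))
```

Comparing keyed fingerprints rather than plaintext lets the audit detect reuse across the fleet without the inventory itself becoming a credential store.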

Future Direction

The future direction of IoT security is shaped by rapid device proliferation, increased regulations, and emerging technologies that raise both capability and risk. As connectivity climbs toward 40 billion devices by 2030, the sector is focusing on several major fronts (Conure, 2024).

IoT security is entering an era in which advanced encryption, robust authentication, and zero-trust designs are becoming standard practice (Conure, 2024). Stronger protocols like mTLS and quantum-resistant cryptography now safeguard data end-to-end, while certificate-based device identities, secure boot processes, and signed firmware updates help neutralise risks from password reuse and software tampering at every lifecycle stage (José, 2025a).

Concurrently, edge computing, AI-driven anomaly detection, and blockchain authentication are helping organisations respond to threats with greater speed and accuracy (José, 2025a). Coupled with 5G technologies that enable granular access controls and privacy, these innovations are reinforced by stricter regulatory requirements worldwide, such as mandatory vulnerability disclosures and privacy-by-design mandates (Cogniteq, 2025). The shift to user-friendly security dashboards and integrated monitoring tools continues to empower both organisations and individuals to stay ahead of emerging IoT threats (Cogniteq, 2025).

The IoT security landscape now stands at a pivotal turning point, as the unprecedented surge in connected devices brings both vast opportunities and significant, rapidly evolving risks. The convergence of IT and OT, coupled with threats from sophisticated botnets, ransomware, and quantum computing, means organisations must prioritise a proactive and adaptive security approach, no longer treating IoT protection as optional or secondary. Only through ongoing vigilance, adaptability, and shared commitment can the IoT ecosystem support innovation without sacrificing security or public confidence.
